DroidBot: Insights from a new Turkish MaaS fraud operation
https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation?s=03
Cleafy
DroidBot: Insights from a new Turkish MaaS fraud operation | Cleafy Labs
Cleafy Labs reveals DroidBot, a new Android Remote Access Trojan targeting banks, crypto exchanges, and national organisations in Europe and beyond. Learn how it operates with dual-channel communication and evolving tactics. Read here the full report.
Automatically decode Android apps and search for secrets
https://trufflesecurity.com/blog/cracking-open-apk-files-at-scale
Trufflesecurity
Cracking Open APK Files at Scale - Truffle Security Co.
TruffleHog now automatically decodes Android Package Kit (APK) files and searches them for secrets. It runs ~9x faster than using an external decompiler before calling TruffleHog.
Trying to exploit my old Android using CVE-2020-0401 (PackageManagerService)
https://pwner.gg/blog/Android's-CVE-2020-0401
Android's CVE-2020-0401 (PackageManagerService)
Note: This is another attempt in my Android Side Quest (the previous one was Android's CVE-2020-0238). Intro: While digging around through my old gadgets, I found my ancient OnePlus phone that had been gathering dust in a drawer.
Malimite: iOS decompiler designed to analyze and decode IPA files
Built on top of Ghidra to offer direct support for Swift, Objective-C, and iOS resources
https://github.com/LaurieWired/Malimite
GitHub
GitHub - LaurieWired/Malimite: iOS and macOS Decompiler
iOS and macOS Decompiler. Contribute to LaurieWired/Malimite development by creating an account on GitHub.
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur's Multi-Platform Attacks
https://www.trendmicro.com/en_us/research/24/l/earth-minotaur.html
Trend Micro
Android smartphone Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed
https://citizenlab.ca/2024/12/device-confiscated-by-russian-authorities-returned-with-monokle-type-spyware-installed/
The Citizen Lab
Something to Remember Us By
In a joint investigation with The First Department, The Citizen Lab uncovered spyware covertly implanted on the phone of a Russian programmer following his release from Russian custody. The Monokle-like spyware allows an operator to track the device's location…
Deobfuscate Android App: LLM tool to find any potential security vulnerabilities in Android apps and deobfuscate Android app code
https://github.com/In3tinct/deobfuscate-android-app
GitHub
GitHub - In3tinct/Androidmeda: AI Security tool to deobfuscate and find any potential vulnerabilities in android apps.
AI Security tool to deobfuscate and find any potential vulnerabilities in android apps. - In3tinct/Androidmeda
OWApp Benchmark Suite: A comprehensive framework designed to automate and enhance the benchmarking process for mobile applications, particularly within the context of security analysis
https://github.com/Mobile-IoT-Security-Lab/OWApp-Benchmarking-Suite
GitHub
GitHub - Mobile-IoT-Security-Lab/OWApp-Benchmarking-Suite: The OWApp Benchmark: an OWASP-compliant Vulnerable Android App Dataset
The OWApp Benchmark: an OWASP-compliant Vulnerable Android App Dataset - Mobile-IoT-Security-Lab/OWApp-Benchmarking-Suite
AppLite: A New AntiDot Variant Targeting Mobile Employee Devices
https://www.zimperium.com/blog/applite-a-new-antidot-variant-targeting-mobile-employee-devices/
Zimperium
EagleMsgSpy: New Chinese Android Surveillance Tool Used by Public Security Bureaus
https://www.lookout.com/threat-intelligence/article/eaglemsgspy-chinese-android-surveillanceware
Mobile Threat Landscape Report by Lookout in Q3 2024
- 10 Most Common Mobile Browser Vulnerabilities
- 5 Most Common Mobile App Vulnerabilities
- 10 Most Encountered Malware Families in Q3 2024
https://www.lookout.com/threat-intelligence/report/q3-2024-mobile-landscape-threat-report-copy
Bluetooth and Wi-Fi Jamming using Flipper Zero
https://www.mobile-hacker.com/2024/12/12/bluetooth-and-wi-fi-jamming-using-flipper-zero/
BoneSpy and PlainGnome: Two Russian Android Spyware Families Discovered and Connected to Gamaredon APT
https://www.lookout.com/threat-intelligence/article/gamaredon-russian-android-surveillanceware
Lookout
Lookout Discovers PlainGnome and Bonespy Uzbek Android spyware | Threat Intel
Researchers at the Lookout Threat Lab have discovered two Android surveillance families dubbed BoneSpy and PlainGnome attributed to Uzbekistan's State Security Service
A New Android Banking Trojan Masquerades as Utility and Banking Apps in India
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/a-new-android-banking-trojan-masquerades-as-utility-and-banking-apps-in-india/
McAfee Blog
A New Android Banking Trojan Masquerades as Utility and Banking Apps in India | McAfee Blog
Authored by Dexter Shin Over the years, cyber threats targeting Android devices have become more sophisticated and persistent. Recently, McAfee Mobile
Denial-of-service (DoS) bug that affects Messenger for iOS
https://s11research.com/posts/Messenger-Group-Call-DoS-for-iOS/
Understanding XSS in Android Apps
https://medium.com/@anandrishav2228/earn-10-000-xss-in-android-apps-scratch-to-advance-cb3aa6c2b98f
Medium
Earn $10,000 XSS in Android Apps Scratch to Advance.
Cross-Site Scripting (XSS) attacks are often associated with web applications, but they can also be critical in Android application…
Bluetooth RCE makes it possible to compromise the car and record in-car audio, take screenshots, and download contacts from a Skoda Superb over the Internet
https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf
Android's CVE-2022-20201 (InstalldNativeService)
https://pwner.gg/blog/Android's-CVE-2022-20201
Intro: This is another attempt as part of my @vr_progress to hack my old, unpatched OnePlus phone which didn't get any updates for years. This time I chose CVE-2022-20201, a crafty little bug hiding in one of the subsystems used by Android's package manager.
Vulnerabilities in the eSIM download protocol
http://i.blackhat.com/EU-24/Presentations/EU-24-Ahmed-VulnerabilitiesIneSIM.pdf
Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea - Threat Actors, Tactics, and Defense Strategies
https://i.blackhat.com/EU-24/Presentations/EU-24-V2-Islamoglu-Unmasking-State-Sponsored-Mobile-Surveillance.pdf
My other ClassLoader is your ClassLoader: Creating evil twin instances of a class
https://i.blackhat.com/EU-24/Presentations/EU-24-Valsamaras-My-other-classloader.pdf